Researcher Gives Apple Details of macOS Keychain Security Flaw Despite No Mac Bug Bounty Program

A German teenager who discovered a macOS Keychain security flaw last month has now shared the details with Apple, after having initially refused to hand them over because of the company's lack of a bug bounty program for the Mac.


Eighteen-year-old Linus Henze dubbed the zero-day macOS vulnerability he found "KeySteal," which, as demoed in the video above, can be used to disclose all sensitive data stored in the Keychain app.

Henze said he decided to reveal the details to Apple because the bug "is very critical and because the security of macOS users is important to me."


After Henze released the video in early February, Apple's security team reached out to him, but the researcher said he wouldn't disclose the details without a cash reward, arguing that discovering the vulnerabilities takes time.

"Even if it looks like I'm doing this just for money, this is not my motivation at all in this case," said Henze. "My motivation is to get Apple to create a bug bounty program. I think that this is the best for both Apple and Researchers."

Apple has a reward program for iOS that provides money to those who discover bugs, but there is no similar payment system for macOS bugs.

Top Rated Comments

(View all)
Avatar
18 months ago
He probably cares more about the Mac OS as platform than Apple do
Score: 71 Votes (Like | Disagree)
Avatar
18 months ago
He probably cares about Mac OS as platform, and wants to see bugs fixed.


Thank you, Linus.


Now, Apple, listen to the people, and start bug bounty program.
Score: 68 Votes (Like | Disagree)
Avatar
18 months ago
Get a bounty program for Macs. This is not a good look for Apple. There's no reason to have a program for iOS and not MacOS.
Score: 33 Votes (Like | Disagree)
Avatar
18 months ago
I can't really imagine a way for blaming him and his behaviour, but I'm sure this forum won't let me disappointed
Score: 28 Votes (Like | Disagree)
Avatar
18 months ago

It’s great that Apple values our privacy, but the lack of security makes all that effort pretty much useless. I think we’ve seen more critical security bugs from Apple than from any other major company.

I'm sorry but this is just BS. I used to support Windows environments for a living, what you see on Mac is literally nothing compared to what you see on Windows.
Score: 22 Votes (Like | Disagree)
Avatar
18 months ago
Maybe there is too many bugs in MacOS that Tim would lose to much money on the deal...
Score: 18 Votes (Like | Disagree)

Top Stories

Apple Warns Against Closing MacBooks With a Cover Over the Camera

Friday July 10, 2020 11:12 am PDT by
Apple this month published a support document that warns customers against closing their Mac notebooks with a cover over the camera as it can lead to display damage. Image via Reddit Apple says that the clearance between the display and the keyboard is designed to very tight tolerances, which can be problematic. Covering the camera can also cause issues with automatic brightness and True Tone....

Leaker: 'iPhone 12 Pro' to Come With 6GB of RAM

Friday July 10, 2020 1:59 am PDT by
Later this year, Apple is expected to release four OLED iPhones in three display sizes, including 5.4, 6.7, and two 6.1-inch models. Rumors suggest the 6.7-inch iPhone and one 6.1-inch model will be higher-end devices, and now leaker @L0vetodream has corroborated previous rumors about the internal specs of Apple's upcoming lineup. Rumors suggest Apple will use 5-nanometer A14 chips in its...

Apple Moving Forward on Semitransparent Lenses for Upcoming AR Headset

Friday July 10, 2020 7:24 am PDT by
Apple and Foxconn have reached a key milestone in the development of Apple's long-rumored augmented reality headset, with the semitransparent lenses for the device moving from prototype to trial production, reports The Information. Apple is developing the lenses on a single production line at a Foxconn factory in Chengdu in southwestern China, where most of Apple’s iPad production is...

Kuo: Apple Silicon Macs to Include 13-inch MacBook Pro and MacBook Air This Year, 14.1-inch and 16-inch MacBook Pro Models Next Year

Friday July 10, 2020 2:58 am PDT by
At last month's WWDC, Apple officially announced that its Mac computers will be transitioned from Intel x86 to homegrown Apple Silicon chips. Apple said it plans to deliver the first Apple Silicon Mac by the end of the year and complete the transition in about two years. According to Apple analyst Ming-Chi Kuo, a 13.3-inch MacBook Pro with a form factor similar to the current 13.3-inch...

Arm-Intel-PowerPC Universal Binaries Are Possible

Saturday July 11, 2020 1:42 pm PDT by
Casual MacRumors visitors may not realize that we have a very active PowerPC forum where users discuss issues related to PowerPC Macs that have not been produced since 2006. Threads range from hardware upgrades and software options to nostalgia: Photo by AphoticD Apple's recently announced transition to Apple Silicon (Arm) based Macs raised some interesting questions about future support...

iPhone 12 Sizes Compared with iPhone SE, 7, 8, SE 2, X, 11, 11 Pro and 11 Pro Max [Update]

Tuesday July 7, 2020 6:49 pm PDT by
Apple is planning on launching the iPhone 12 this fall which is rumored to be coming in 3 different sizes: 5.4", 6.1" and 6.7". The middle size (6.1") matches up with the currently shipping iPhone 11, but the other two sizes will be entirely new. Over the weekend, there was some excitement about how well the new 5.4" iPhone 12 compares to the original iPhone SE. Those who have been hoping...

Tom Hanks WWII Movie 'Greyhound' Debuts on Apple TV+

Friday July 10, 2020 3:33 am PDT by
Apple TV+ today debuted "Greyhound," the highly anticipated Second World War movie starring Tom Hanks as a naval officer given command of Navy destroyer Greyhound in the Battle of the Atlantic. "Greyhound" features Hanks as George Krause, who must fight his own self doubts and personal demons as he leads a convoy of Allied ships against German U-boats to prove that he belongs in command. ...

Top Stories: iOS 14 Public Beta, iPhone 12 Size Comparison, 14-Inch MacBook Pro Rumors

Saturday July 11, 2020 6:00 am PDT by
After one round of developer beta testing, Apple unleashed iOS and iPadOS 14 to a wider audience this week, opening it up to members of the public beta program. There are lots of changes and new features to check out, but as with any beta, be careful about installing it on your main devices. Subscribe to the MacRumors YouTube channel for more videos. Other major stories this week included our ...

Hands-On With tvOS 14: Picture in Picture, 4K YouTube, HomeKit and More

Thursday July 9, 2020 12:48 pm PDT by
Apple at WWDC introduced a new version of tvOS, the software that's designed to run on the fourth and fifth-generation Apple TV models. tvOS updates are often more minor in scale than iOS, watchOS, and macOS updates, but tvOS 14 has some useful new features. Subscribe to the MacRumors YouTube channel for more videos. Apple in tvOS 13 introduced a Picture in Picture option for the Apple TV...

Apple CEO Tim Cook's 2019 Compensation Totaled Over $133 Million

Friday July 10, 2020 12:01 pm PDT by
Apple CEO Tim Cook was the second highest paid CEO in the United States in 2019, according to Bloomberg's list of the highest paid CEOs and executives in 2019. Cook received compensation totaling $133,727,869 by Bloomberg's count. Almost all of Cook's compensation was provided in the form of stock awards and related performance bonuses. As reported by the SEC earlier this year, Cook received ...